Deriving defensible belief statements about threat rankings for large and entangled systems, such as urban Smart Grids, is a formidable task. Suitable approaches should account for multiple threat events posed by different classes of attackers who target system components. Given the complexity of the task, a suitable level of guidance how to rank more relevant and filter out the less relevant threats would be desirable. This requires a method able to distill the list of all possible threat events in a traceable and repeatable way, given a set of assumptions on the attackers. The Threat Navigator proposed in this paper tackles this issue. Attacker profiles are describes in terms of Focus (linked to Actor-to-Asset relations) and Capabilities (Threat-to-Threat dependencies). The method is exercised on a sample urban Smart Grid. The obtained digest of ranked list of threat events is useful for a risk analysis that ultimately aims at finding cost-effective mitigation strategies.

Threat navigator: grouping and ranking malicious external threats to current and future urban smart grids / Alexandr Vasenev; Lorena Montoya; Andrea Ceccarelli; Anhtuan Le; Dan Ionita. - ELETTRONICO. - 175:(2017), pp. 184-192. (Intervento presentato al convegno 1st International Conference on Smart Grid Inspired Future Technologies, SmartGIFT 2016 tenutosi a gbr nel 2016) [10.1007/978-3-319-47729-9_19].

Threat navigator: grouping and ranking malicious external threats to current and future urban smart grids

CECCARELLI, ANDREA;
2017

Abstract

Deriving defensible belief statements about threat rankings for large and entangled systems, such as urban Smart Grids, is a formidable task. Suitable approaches should account for multiple threat events posed by different classes of attackers who target system components. Given the complexity of the task, a suitable level of guidance how to rank more relevant and filter out the less relevant threats would be desirable. This requires a method able to distill the list of all possible threat events in a traceable and repeatable way, given a set of assumptions on the attackers. The Threat Navigator proposed in this paper tackles this issue. Attacker profiles are describes in terms of Focus (linked to Actor-to-Asset relations) and Capabilities (Threat-to-Threat dependencies). The method is exercised on a sample urban Smart Grid. The obtained digest of ranked list of threat events is useful for a risk analysis that ultimately aims at finding cost-effective mitigation strategies.
2017
SmartGift 2016
1st International Conference on Smart Grid Inspired Future Technologies, SmartGIFT 2016
gbr
2016
Alexandr Vasenev; Lorena Montoya; Andrea Ceccarelli; Anhtuan Le; Dan Ionita
File in questo prodotto:
File Dimensione Formato  
Threat_navigator_after_review.pdf

Accesso chiuso

Descrizione: versione finale
Tipologia: Versione finale referata (Postprint, Accepted manuscript)
Licenza: Tutti i diritti riservati
Dimensione 232.58 kB
Formato Adobe PDF
232.58 kB Adobe PDF   Richiedi una copia

I documenti in FLORE sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificatore per citare o creare un link a questa risorsa: https://hdl.handle.net/2158/1049917
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 7
  • ???jsp.display-item.citation.isi??? ND
social impact